RE: the "Sony/BMG" virus

["Todd Towles" <toddtowles () brookshires com>]

Greg wrote:
> Pardon? "START" to....?
>
> Seeing this has been an issue for a long time - cloaking of 
> software for 
> various reasons - someone correct me, please, if I am wrong 
> but I thought 
> this cloaking was new to the public but old news on this list. Am I 
> mistaking some rootkits here? I distinctly remember a rootkit 
> remover which 
> wont be named (simply because I forgot the name! ;-}) which actually 
> installed a rootkit, backdoor open, Bob's your uncle and it 
> wasn't until 
> said person actually admitted to it that it was found....or 
> do I remember 
> THAT wrong as well?

You are correct that this is not news to this list, but many things that
we see everyday are totally lost on the general public. I would assume
that you are speaking about the many many "fake" spyware removers out on
the internet.

There are loads of malware that use rootkit technology, but can WhenU
and other "legal" adware get in legal trouble if they stars to rename
their services with $sys$. The company's products would in itself not be
acting as a rootkit and does not include rootkit code..but it gets to
use the cloak of Sony to hide itself. Little extra bonus for those
programs that are in grey area....

-Todd
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/